<?php

// Home >> Update admin note
function home_update_note()
{
	global $DB,$tbl,$cfg,$lang,$admin_session;
	global $page,$adm_privilege,$index_url,$show_content;
	if(post("update_note"))
	{
		$sql = 'UPDATE '.$tbl['admin_accounts'].' SET admin_note="'.post('admin_note').'" WHERE id='.$admin_session['admin_id'];
		$q_update = $DB->query($sql);
			
		if($q_update)  
		{
			$result .= message_redirect($lang["data_updated"],$index_url);
			common_insert_action('Update admin note',$tbl['admin_accounts'],$_GET['mdl']);
			$show_content = false;
		}
		else $result .= message($lang["updated_fail"],'error');		
	}
	return $result;
}

// Config >> Insert new value
function config_insert()
{
	global $DB,$tbl,$cfg,$lang,$admin_session,$time;
	global $page,$adm_privilege,$index_url,$show_content;
	if(post("insert") && check_session_id())
	{
		$q_select = $DB->query('SELECT id FROM '.$tbl['site_config'].' WHERE field="'.post("field").'"');
		if($DB->num_rows($q_select))
			$result = message(sprintf($lang["config_existed"],post('field')),'error');
		else
		{	
			$sql = 'INSERT INTO '.$tbl['site_config'].'(admin_id,sort,title,field,value,value_en,value_fr,note,created_by,created_time,active) VALUES (
											"'.$admin_session['admin_id'].'",
											"100",
											"'.post("title").'",
											"'.post("field").'",																				
											"'.post("value").'",
											"'.post("value_en").'",
											"'.post("value_fr").'",
											"'.post("note").'",
											"'.$admin_session['admin_user'].'",
											"'.mysql_datetime($time).'",
											'.((post("active"))?1:0).'
										)';
			$q_insert = $DB->query($sql);
			
			
			if($q_insert) 
			{
				$show_content = false;
				$result = message_redirect($lang["data_inserted"],$index_url.'&p=show');
				common_insert_action('Insert new site config',$tbl['site_config'],$_GET['mdl']);
			}
			else $result = message($lang["inserted_fail"],'error');		
					
		}
	}
	return $result;
}

// config >> update config
function config_update()
{
	global $DB,$tbl,$cfg,$lang,$admin_session,$time;
	global $page,$adm_privilege,$index_url,$show_content;
	if(post("update") && get('id') && check_session_id())
	{
		$q_select = $DB->query('SELECT id FROM '.$tbl['site_config'].' WHERE field="'.post("field").'" AND id!="'.get('id').'"');
		if($DB->num_rows($q_select))
			$result = message(sprintf($lang["config_existed"],post('field')),'error');
		else
		{	
			$sql = 'UPDATE '.$tbl['site_config'].' SET
						title="'.post('title').'",
						field="'.post('field').'",												
						value="'.post('value').'",
						value_en="'.post('value_en').'",
						value_fr="'.post('value_fr').'",
						note="'.post('note').'",
						updated_by="'.$admin_session['admin_user'].'",
						updated_time="'.mysql_datetime($time).'",
						active="'.((post('active'))?1:0).'"
					WHERE id="'.get('id').'"';

			$q_update = $DB->query($sql);
			
			
			if($q_update) 
			{
				$show_content = false;
				$result = message_redirect($lang["data_updated"],$index_url.'&p=show');
				common_insert_action('Update site config',$tbl['site_config'],$_GET['mdl']);
			}
			else $result = message($lang["updated_fail"],'error');		
					
		}
	}
	return $result;
}

// Config >> Insert new value
function language_insert()
{
	global $DB,$tbl,$cfg,$lang,$admin_session,$time;
	global $page,$adm_privilege,$index_url,$show_content;
	if(post("insert") && check_session_id())
	{
		$q_select = $DB->query('SELECT id FROM '.$tbl['language'].' WHERE code="'.post("code").'"');
		if($DB->num_rows($q_select))
			$result = message(sprintf($lang["language_existed"],post('code')),'error');
		else
		{	
			$sql = 'INSERT INTO '.$tbl['language'].'(admin_id,sort,title,code,is_default,created_by,created_time,active) VALUES (
											"'.$admin_session['admin_id'].'",
											"100",
											"'.post("title").'",
											"'.post("code").'",
											"'.((post("is_default"))?1:0).'",
											"'.$admin_session['admin_user'].'",
											"'.mysql_datetime($time).'",
											'.((post("active"))?1:0).'
										)';
			$q_insert = $DB->query($sql);
			
			
			if($q_insert) 
			{
				$show_content = false;
				$result = message_redirect($lang["data_inserted"],$index_url.'&p=show');
				common_insert_action('Insert new site language',$tbl['language'],$_GET['mdl']);
			}
			else $result = message($lang["inserted_fail"],'error');		
					
		}
	}
	return $result;
}

// config >> update config
function language_update()
{
	global $DB,$tbl,$cfg,$lang,$admin_session,$time;
	global $page,$adm_privilege,$index_url,$show_content;
	if(post("update") && get('id') && check_session_id())
	{
		$q_select = $DB->query('SELECT id FROM '.$tbl['language'].' WHERE code="'.post("code").'" AND id!="'.get('id').'"');
		if($DB->num_rows($q_select))
			$result = message(sprintf($lang["language_existed"],post('code')),'error');
		else
		{	
			$sql = 'UPDATE '.$tbl['language'].' SET
						title="'.post('title').'",
						code="'.post('code').'",
						is_default="'.((post('is_default'))?1:0).'",
						updated_by="'.$admin_session['admin_user'].'",
						updated_time="'.mysql_datetime($time).'",
						active="'.((post('active'))?1:0).'"
					WHERE id="'.get('id').'"';

			$q_update = $DB->query($sql);
			
			
			if($q_update) 
			{
				$show_content = false;
				$result = message_redirect($lang["data_updated"],$index_url.'&p=show');
				common_insert_action('Update site language',$tbl['language'],$_GET['mdl']);
			}
			else $result = message($lang["updated_fail"],'error');		
					
		}
	}
	return $result;
}

// Admin > Insert admin
function admin_insert()
{
	global $DB,$tbl,$cfg,$lang,$page,$adm_privilege,$index_url,$show_content,$admin_session,$time;
	if(check_post('insert,admin_user,admin_pwd') && check_session_id())
	{
		$q_select = $DB->query('SELECT id FROM '.$tbl['admin_accounts'].' WHERE admin_user="'.post("admin_user").'"');
		if($DB->num_rows($q_select))
			$result = message($lang["registered_admin"],'error');
		else
		{
			// Get privilges
			// Action: 1=view,2=add,3=edit,4=delete,5=publish
			$id = 0;
			if($_POST['page'])
			{
				foreach ($_POST['page'] as $index=>$value)
				{
					//echo $index.' '.$value;
					$adm_privilege[$id] =  $value.':';
					if(is_array($_POST['module'][$value]))
					{
						for($x=1;$x<=5;$x++)
						{
							if(in_array($x,$_POST['module'][$value])) $adm_privilege[$id] .= $x;
							else $adm_privilege[$id] .= '0';
						}
					}
					$id += 1;
				}
			}
			//echo join("//",$adm_privilege);
			$allows_pages = ((post("is_super_admin"))?'all':@join("/",$adm_privilege));
			//echo $allows_pages;

			$q_insert = $DB->query('INSERT INTO '.$tbl['admin_accounts'].'(admin_user,admin_pwd,is_super_admin,privilege,created_by,created_time,active) VALUES (
											
											"'.post("admin_user").'",
											"'.md5(md5(post("admin_pwd"))).'",
											'.((post("is_super_admin"))?1:0).',
											"'.$allows_pages.'",
											"'.$admin_session['admin_user'].'",
											"'.mysql_datetime($time).'",
											"'.(post("active")?1:0).'"
										)');
					
			if($q_insert) 
			{
				$show_content = false;
				$result = message_redirect($lang["data_inserted"],$index_url.'&p=show');
				common_insert_action('Insert new admin account',$tbl['admin_accounts'],$_GET['mdl']);
			}
			else $result = message($lang["inserted_fail"],'error');		
					
		}
	}
	return $result;
}

// Admin >> Update account
function admin_update()
{
	global $DB,$tbl,$cfg,$lang,$page,$adm_privilege,$index_url,$show_content,$admin_session,$time;
	if(post("update") && get('id'))
	{
		// Get privilges
		// Action: 1=view,2=add,3=edit,4=delete,5=publish
		$id = 0;
		$id = 0;
		if($_POST['page'])
		{
			foreach ($_POST['page'] as $index=>$value)
			{
				//echo $index.' '.$value;
				$adm_privilege[$id] =  $value.':';
				if(is_array($_POST['module'][$value]))
				{
					for($x=1;$x<=5;$x++)
					{
						if(in_array($x,$_POST['module'][$value])) $adm_privilege[$id] .= $x;
						else $adm_privilege[$id] .= '0';
					}
				}
				$id += 1;
			}
		}
		//echo join("//",$adm_privilege);
		$allows_pages = ((post("is_super_admin"))?'all':@join("/",$adm_privilege));
		$q_update = $DB->query('UPDATE '.$tbl['admin_accounts'].' SET 
										admin_user = "'.post("admin_user").'",
										'.((post("admin_pwd"))?'admin_pwd = "'.md5(md5(post("admin_pwd"))).'",':'').'
										is_super_admin = '.((post("is_super_admin"))?1:0).',
										privilege = "'.$allows_pages.'",
										updated_by = "'.$admin_session['admin_user'].'",
										updated_time = "'.mysql_datetime($time).'",
										active = "'.(post("active")?1:0).'"
								WHERE id="'.get('id').'"');
			
		if($q_update) 
		{
			$show_content = false;
			$result = message_redirect($lang["data_updated"],$index_url);
			common_insert_action('Update admin account',$tbl['admin_accounts'],$_GET['mdl']);
		}
		else $result = message($lang["updated_fail"],'error');
			
	}
	return $result;
}

// Statistics >> Reset counter
function stats_reset_counter()
{
	global $DB,$tbl,$cfg,$lang;
	if(get('act')=='reset_counter')
	{
		$DB->query('DELETE FROM '.$tbl["counter"].' WHERE id!=0');
		$result = message('OK! Counter value has been reset','info');
		common_insert_action('Reset counter',$tbl['counter'],$_GET['mdl']);
	}
	return $result;
}

// Statistics >> Add page hit
function stats_add_page_hit()
{
	global $DB,$tbl,$cfg,$lang;
	if(check_post('insert,title,page_code'))
	{
		$q_select = $DB->query('SELECT id FROM '.$tbl['page_hit'].' WHERE page_code="'.post("page_code").'"');
		if($DB->num_rows($q_select))
			$result = message(sprintf($lang["page_existed"],post('page_code')),'error');
		else
		{	
			$q_insert = $DB->query('INSERT INTO '.$tbl['page_hit'].'(sort,title,page_code) 
					VALUES(
						"10",
						"'.post('title').'",
						"'.post('page_code').'"
						)');
			if($q_insert)
			{
				$result = message($lang["data_inserted"],'info');
				common_insert_action('Insert new page hit',$tbl['page_hit'],$_GET['mdl']);
			}
			else $result = message($lang["inserted_fail"],'error');
		}
	}
	return  $result;
}

// Support > Send email action
function support_send_message()
{
	global $cfg,$lang,$time;
	if(check_post("name,email,subject,message"))
	{
		$cfg['email_headers'] .= 'From: '.post("name").' <'.post("email").'>';
		$subject = '[Admin support] '.post("subject");
		$message_body = 'This message was sent from Admin area of http://'.$_SERVER['HTTP_HOST'].'<br>
		- Name: '.post("name").'<br>
		- Email: '.post("email").'<br>
		- IP: '.$_SERVER['REMOTE_ADDR'].'<br>
		- Time: '.show_date('H:i:s d/m/Y',$time).'<br>
		---------------------------------------------------------------------------------<br>
		'.nl2br(post("message")).'<br>
		---------------------------------------------------------------------------------<br>';
		//echo data($headers)."<br>".$subject."<br>".$message_body;
		if(@mail($cfg["support_email"],$subject,$message_body,$cfg['email_headers'])) 
		{
			$result = message($lang["msg_sent"],'info');
			// Delete all post variables
			foreach ($_POST as $post_id=>$post_value) $_POST[$post_id] = '';
			common_insert_action('Send email support','none',$_GET['mdl']);
		}
		else $result = message($lang["sent_fail"],'error');
	}
	return $result;
}


function database_repair_table()
{
	global $DB,$tbl,$cfg,$lang;
	if(get('repair'))
	{
		$query = $DB->query('REPAIR TABLE '.get('repair'));
		if($query) 
		{
			$result = message($lang["data_updated"],'info');
			common_insert_action('Repair table',get('repair'),$_GET['mdl']);
		}
		else $result = message($lang["updated_fail"],'error');
	}
	return $result;
}

function database_optimize_table()
{
	global $DB,$tbl,$cfg,$lang;
	if(get('optimize'))
	{
		$query = $DB->query('OPTIMIZE TABLE '.get('optimize'));
		if($query)
		{
			$result = message($lang["data_updated"],'info');
			common_insert_action('Optimize table',get('optimize'),$_GET['mdl']);
		}
		else $result = message($lang["updated_fail"],'error');
	}
	return $result;
}

function file_delete($table='resort',$field='image')
{
	global $DB,$tbl,$cfg,$lang;
	if(get('delete'))
	{
		$delete = @unlink('../'.$cfg['upload_folder'].get('delete'));
		if($delete) 
		{
			$query = "UPDATE $table SET $field='' WHERE $field='".get('delete')."'";
			$DB->query ($query);
			
			$result = message($lang["data_deleted"],'info');
			common_insert_action('Delete uploaded file','none',$_GET['mdl']);
		}
		else $result = message($lang["deleted_fail"],'error');
	}
	return $result;
}


function file_delete_selected($table='resort',$field='image')
{
	global $DB,$tbl,$cfg,$lang;
	if($_POST['delete_selected'] && $_POST['delete_file'])
	{
		foreach ($_POST['delete_file'] as $id=>$value)
		{
			$delete = @unlink('../'.$cfg['upload_folder'].$value);
			if($delete):
				$query = "UPDATE $table SET $field='' WHERE $field='$value'";
				$DB->query ($query);
			else:
				break;
			endif; 
			 
		}
		
		if($delete) 
		{
		 	$result = message($lang["data_deleted"],'info');
			common_insert_action('Delete selected files','none',$_GET['mdl']);
		}
		else $result = message($lang["deleted_fail"],'error');
	}
	return $result;
}
?>